Issue:
How to test if EDR sensors on Windows, Mac and Linux are working and reporting detections to the Elements Endpoint Detection and Response portal?
Resolution:
For Windows sensors there are a few tests outlined in the product Simple test with Windows system tools | Elements Endpoint Detection and Response | Latest | WithSecure User Guides
Mac sensors can be tested by running the following Terminal commands for different detection event types:
file event test:
uuid=$(uuidgen) && touch "$uuid" $(printf this_is_%s_test_file f_secure)
socket event test:
python -m SimpleHTTPServer
Linux sensors can be tested by running the following Terminal commands for different detection event types:
file event test:
touch this_is_f_secure_test_file
socket event test:
python -m SimpleHTTPServer
Article no: 000016162